Most security investments focus on the perimeter, like firewalls, endpoint agents, and SIEM alerts. Yet one of the most abused channels in enterprise attacks barely gets a second look: DNS. Before malware is executed, before data is exfiltrated, and before a lateral movement attempt begins, DNS is involved. Attackers use it to find footholds, establish command-and-control (C2) channels, and quietly map internal infrastructure.
|
By Akshra GJ
Most breaches don't announce themselves; they whisper. A subtly malformed DNS query here. A DHCP lease request that looks almost normal there. A client that suddenly requests a domain no one in your organization has ever heard of. By the time these whispers become alarms on a SIEM dashboard, attackers have often already moved laterally, exfiltrated data, or cemented persistence. In traditional DNS, DHCP, and IPAM (DDI) setups, these signals are buried under millions of legitimate transactions.
|
By Ramprashad Guruswamy
Active Directory (AD) auditing focuses on topics such as who did what, when, and from where within your network. AD auditing and SIEM monitoring are closely related, yet they play two distinct roles in cybersecurity. SIEM monitoring shows you how a change is connected to an attack or incident. Together, they enable faster investigations, accurate root-cause analysis, and a stronger security posture.
Cyberattacks often succeed not because they are sophisticated but because organizations lack reliable backups or struggle to restore data quickly. When recovery is slow, even minor disruptions can escalate, providing attackers with the time and leverage they need to deploy ransomware and halt operations. When systems go down, every minute of downtime results in operational disruption, a drop in revenue, and lost customer trust.
|
By Monideepa Mrinal Roy
Top tips is a weekly column where we highlight what’s trending in the tech world and list practical ways to explore these trends. This week, we are tackling a lesser-known but growing cybersecurity risk in modern workplaces: printer-based attacks. Let's start with a simple scenario. It's a quiet evening at the office. Most employees have gone home, the lights are dimmed, and the network continues running as usual. In one corner of the floor sits a printer that has been there for years.
In June 2017, the world witnessed one of the most destructive cyberattacks in history: the NotPetya attack. Unlike traditional ransomware, NotPetya was a wiper. Once it infected a system, recovery was impossible. The ransom demand was a ruse because no decryption keys were ever made available. The true intent of the attackers was to cause disruption and damage. Nearly a decade later, NotPetya is considered a turning point in how organizations approach backup and recovery. The threat has only grown.
|
By Nandini Malhotra
Top tips is a weekly column where we highlight what’s trending in the tech world and share ways to stay ahead. This week, we’re taking a moment to think about something that often gets overlooked. When the world feels unpredictable, our routines change. We rely more on our devices to stay connected, informed, and reassured.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we learn more about synthetic identity fraud.
Previously, DDI Central version 6.0 introduced several enhancements designed to elevate the administrative experience, including streamlined importing of multiple servers in Windows environments, granular control over network resources through hierarchical roles, and a more in-depth view of network clusters. Now, DDI Central version 6.1 delivers broader and more comprehensive visibility into IP Address Management, featuring enhanced segmentation and multiple viewing options.
As endpoints became more powerful, more mobile, and more exposed, they also became more prone to attacks. Endpoints remain one of the most targeted entry points for attacks. Attacks today are no longer random; they are targeted, deliberate, and increasingly powered by automated AI discovery tools that hunt for unmanaged gaps. Malware, ransomware, and phishing-based intrusions continue to increase, and their first level of interaction often happens on an endpoint.
|
By ManageEngine
Originating in the United Kingdom, Cyber Essentials is a government-backed compliance certification standard that helps organizations mitigate a whole range of common cyberattacks.
|
By ManageEngine
ManageEngine Key Manager Plus Cloud is a cloud-based comprehensive certificate life cycle management solution that helps consolidate, control, audit and automate the entire life cycle of enterprise TLS and SSL certificates. In addition, Key Manager Plus also offers end-to-end Azure Key Vault and application secrets management, and PGP key management. This demo will cover all the key features of Key Manager Plus Cloud.
|
By ManageEngine
AI has quietly moved from experiments to real-world systems that now write, decide, and reason alongside us. But as these systems scale, so do the risks. From hallucinations and data leakage to prompt injection and model abuse. In this episode of Server Room, we sit down with Tamaghna Basu, Founder of DeTaSECURE, to explore what it really takes to build and secure AI systems in production and why the future of AI will depend not just on intelligence, but on trust.
|
By ManageEngine
Your team might already be using AI tools you don’t even know about. In this Tech in a Minute video, we break down Shadow AI—the hidden risks, data exposure, and why visibility matters. For more quick tech insights, visit ManageEngine Insights now.
|
By ManageEngine
Your biggest data leak might be the people who already left your company. Many businesses onboard employees well—but forget to properly remove access when they leave. In this video, we share a few simple steps to secure your data during employee offboarding. Want more quick, practical cybersecurity tips? Check out the rest of our videos on ManageEngine Insights.
|
By ManageEngine
Nearly 80% of security breaches involve compromised privileged credentials, according to Forrester. Since privilege abuse is a major attack vector, managing privileged access and the associated attack surface is crucial. In this webinar, we explore how ManageEngine PAM360 and Endpoint Central can catalyse your journey toward achieving privileged access security—all within the unified ManageEngine ecosystem!
|
By ManageEngine
Your biggest cybersecurity risk might not be your laptop, it could be your printer. Most companies overlook it, and hackers know it.
|
By ManageEngine
Was this helpful? There’s more! Tap the link to see our complete library of Tech in a Minute videos: https://zurl.co/Vfprc
|
By ManageEngine
Managing certificates and client secrets across multiple Azure Key Vaults and applications manually? It's not just time-consuming, it's nearly impossible to do effectively. That's where Key Manager Plus comes in. Its seamless Azure integration gives you complete visibility and control over every certificate and secret across your Azure Key Vault and registered applications, all from one centralized dashboard.
|
By ManageEngine
Retail, restaurants, transport and even hospitals. - there's QR codes everywhere. So, checkout the last episode of the Little Lessons in cybersecurity series where we talk about a habit we're almost second natured to: Payment through QR codes.
|
By ManageEngine
Enable AI empowered IT operations without the hassles. Learn everything you need to know about AIOps today.
|
By ManageEngine
Rogue device intrusion has become a nightmare for admins running modern IT infrastructures. While these infrastructures are already under constant attack from several malicious entities, other factors like BYOD policies, IoT, and shadow IT make it a challenge to know about every connected device. Even with vigilant security measures in place rogue devices can seep through the cracks.
|
By ManageEngine
An effective SIEM solution ingests logs from different network sources to give visibility into user and host activities. It uses capabilities such as threat intelligence and behavioral analysis to set correlation rules to spot malicious activities within a network. This e-book will help you obtain the maximum value from your SIEM deployment by guiding you through 10 of the most critical capabilities capabilities.
|
By ManageEngine
One of the best ways to defend against both internal and external attacks is to integrate anomaly detection, a.k.a. user and entity behavior analytics capabilities, into your security analytics solution. In this e-book, we break down the different types of security anomalies and explain what each one looks like. We also explain how to determine the risk score of every user and host in the network. Finally, we cover five ways in which you can harden your defenses with anomaly detection.
|
By ManageEngine
Just as remote work has grown at an unprecedented rate across the world, so too have the number of email scams. Email is now the most popular attack vectors among adversaries. We've prepared a guide to help you understand the anatomy of popular email-based scams, how they work, and what you can do to avoid them. Key insights from the e-book.
|
By ManageEngine
Following the outbreak of COVID-19, organizations around the world have rapidly adopted remote work policies, making email communication more important than ever for disparate teams to collaborate. This has made it convenient for threat actors to launch email-based cyberattacks. The FBI has issued a public service announcement in which it revealed that it is anticipating business email compromise (BEC) attacks related to the COVID-19 crisis to increase. Hence, it's imperative for businesses to strengthen email security to mitigate email-borne threats.
|
By ManageEngine
Remote work is here to stay, at least for the time being. IT admins now face the stiff challenge of extending IT support to employees and ensuring smooth workflows. They are now forced to minimize help desk dependency and processes in place that ensure complete security. This e-book helps IT admins do exactly that. ManageEngine's in house IAM expert writes about accessibility and security aspects of password infrastructures, and how you as an IT admin can minimize the risk of employee down-time due to password mismanagement.
|
By ManageEngine
The National Institute of Standards and Technology (NIST) is a physical sciences laboratory and is now part of the United States Department of Commerce. The NIST publishes standards across fields including engineering, information technology, neutron research, and more.
|
By ManageEngine
Over 80 percent of all federal agencies use Microsoft Office 365, Azure, and collaboration products such as SharePoint, Yammer, and Teams to serve their thousands of employees and contractors. Office 365 has many benefits including enhanced security, mobility, and reporting, but how can you be sure that you're staying compliant and protecting information for an Office of Inspector General (OIG) audit?
|
By ManageEngine
A majority of companies are moving towards a work-from-home model in an effort to reduce costs and improve operational agility. However, along with these advantages, a remote workforce brings up numerous security concerns. Download this e-book to learn how to secure your network and safely support a remote workforce.
- April 2026 (6)
- March 2026 (11)
- February 2026 (7)
- January 2026 (5)
- December 2025 (5)
- November 2025 (10)
- October 2025 (15)
- September 2025 (5)
- August 2025 (6)
- July 2025 (8)
- June 2025 (2)
- May 2025 (6)
- April 2025 (4)
- March 2025 (6)
- February 2025 (12)
- January 2025 (9)
- December 2024 (12)
- November 2024 (12)
- October 2024 (13)
- September 2024 (15)
- August 2024 (11)
- July 2024 (8)
- June 2024 (10)
- May 2024 (12)
- April 2024 (10)
- March 2024 (16)
- February 2024 (7)
- January 2024 (15)
- December 2023 (6)
- November 2023 (5)
- October 2023 (9)
- September 2023 (10)
- August 2023 (8)
- July 2023 (8)
- June 2023 (8)
- May 2023 (16)
- April 2023 (12)
- March 2023 (9)
- February 2023 (10)
- January 2023 (10)
- December 2022 (9)
- November 2022 (16)
- October 2022 (11)
- September 2022 (4)
- August 2022 (11)
- July 2022 (15)
- June 2022 (9)
- May 2022 (5)
- April 2022 (7)
- March 2022 (12)
- February 2022 (8)
- January 2022 (7)
- December 2021 (10)
- November 2021 (9)
- October 2021 (16)
- September 2021 (10)
- August 2021 (9)
- July 2021 (5)
- June 2021 (8)
- May 2021 (4)
- April 2021 (3)
- March 2021 (12)
- February 2021 (6)
- January 2021 (4)
- December 2020 (12)
- November 2020 (7)
- October 2020 (8)
- September 2020 (8)
- August 2020 (6)
- July 2020 (12)
- June 2020 (8)
- May 2020 (13)
- April 2020 (16)
- March 2020 (9)
- February 2020 (6)
- January 2020 (5)
As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.
ManageEngine crafts comprehensive IT management software with a focus on making your job easier. Our 90+ products and free tools cover everything your IT needs, at prices you can afford.
We have complete and easy solutions for even your most difficult IT management problems, from keeping your business safe, to ensuring high availability, to making your users happy. We’re bringing IT together so you don’t have to.
From network and device management to security and service desk software, we're bringing IT together for an integrated, overarching approach to optimize your IT.